Date: Sun, 26 Apr 1998 07:56:22 +0000 (GMT) From: Terry Lambert <tlambert@primenet.com> To: mike@smith.net.au (Mike Smith) Cc: eivind@yes.no, garbanzo@hooked.net, hackers@FreeBSD.ORG Subject: Re: Speaking of packaging tools.. Message-ID: <199804260756.AAA00835@usr05.primenet.com> In-Reply-To: <199804260315.UAA01783@antipodes.cdrom.com> from "Mike Smith" at Apr 25, 98 08:15:09 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > Neat - but do we really want to go in the direction of packages that > > can contain trojans? Personally I wouldn't like running a > > self-extracting archive, at least... > > We already have them. Part of the notes I formulated on the scheme that > came out of the last round of discussions deals with the concept of a > set of security models and some basic trust-related items to handle > packages which need to do processing work subsequent to installation. > > It was fairly clear from some observation that this processing could > not always be eliminated. 8( Satoshi probably does not want to become an X.509 certificate authority using 128 bit MD5 checksums. But if he does, the RSA MD5 code is under a BSD-like license, and is exportable, being a hash, and Diffie-Helman is recently off patent. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804260756.AAA00835>